RBAC : Assigning Virtual Machine Contributor Role to the User

azure use case

Role Based Access Control

Use Case

An on-premises Customer wants to move thier workloads and assets to azure to make collaboration easier across several offices and other companies.They want to implement/utilize the service for keeping the company's assets secure ,but still allowing users to access the resources they need.

Solution

Role based access control(RBAC)

Azure role-based access control (Azure RBAC) is an authorization system built on Azure Resource Manager that provides fine-grained access management of resources in Azure. With Azure RBAC, you can grant the exact access that users need to do their jobs.

1.Grant Virtual Machine Contributor role access at resource group level using Azure RBAC and the Azure portal

Steps to Implement RBAC in azure portal

1. In the Azure portal under Navigate, select Resource groups.
2. Select the particular resource group which we want give the access
3. Select Access control (IAM).
4. Select the Role assignments tab to view the current list of role assignments.

5. At the top, click Add role assignment.
   
   
   
   The Add role assignment pane opens.
   
   
6. In the Role drop-down list, select Virtual Machine Contributor.
7. In the Select list, select user that we wish to assign the VM contributor role
   You can find the username on the Resources tab next to the instructions.
8. Click Save to create the role assignment.
   After a few moments, user is assigned the Virtual Machine Contributor role at the particular resource group scope. The user can now create and manage virtual machines just within this resource group.

---

Remove Access for assigned VM Contributor role in Resource Group

1. In Azure RBAC, to remove access, you remove a role assignment.
2. In the list of role assignments, select the user with the Virtual Machine Contributor role.
3. Click Remove.
4. In the Remove role assignments message that appears, click Yes.